Yet ANOTHER IE 0-day hole found: Malware-flingers already using it for drive-by badness Security researchers have discovered new zero-day vulnerabilities in Internet Explorer that are already being harnessed by hackers to run a new type of drive-by attack. FireEye, the security firm that discovered the attack method, said that the flaw is present in various versions of Internet Explorer 7, 8, 9 and 10, while …
And why is it you continue to copy paste the exact same comment?
http://forums.theregister.co.uk/forum/1/2013/09/23/apt_deputydog_evilgrab_target_asian_firms/#c_1965415
http://forums.theregister.co.uk/forum/1/2013/07/05/ms_july_2013_patch_tuesday_prealert/
http://m.forums.theregister.co.uk/forum/1/2013/10/22/vulna_mobile_ad_threat_followup/
http://forums.theregister.co.uk/forum/1/2013/06/18/flash_webcam_flaw/#c_1864192
Well, two can play that game; here is my previous response
Posted Wednesday 18th September 2013 16:46 GMT
Maharg
Re: Surprise!
“Why is it that when we see the word "exploit" or the phrase "security problems/issues", the article is always about Microsoft.
People need to give themselves a shake and stop using MS products!”
Yep totally right, for instance these 16 (is that enough?) links from this site illustrate your point perfectly.
http://www.theregister.co.uk/2013/08/19/fooling_the_appstore_one_codechunk_at_a_time/
http://www.theregister.co.uk/2013/08/08/linux_banking_trojan/
http://www.theregister.co.uk/2013/07/09/android_sig_vuln_exploit_seen_in_the_wild/
http://www.theregister.co.uk/2013/08/02/fbi_staff_admit_hacking_android/
http://www.theregister.co.uk/2013/02/20/apple_java_omnishambles/
http://www.theregister.co.uk/2013/05/01/google_glass_security_nightmare/
http://www.theregister.co.uk/2013/07/16/android_sig_vuln_analysis/
http://www.theregister.co.uk/2013/03/07/baseband_processor_mobile_hack_threat/
http://www.theregister.co.uk/2013/02/21/iphonedevsdk_hack_involvement/
http://www.theregister.co.uk/2012/09/21/android_nfc/
http://www.theregister.co.uk/2013/07/22/master_key_doctored_apps_google_play/
http://www.theregister.co.uk/2013/07/17/google_glass_qr_exploit/
http://www.theregister.co.uk/2012/11/30/cloud_based_web_browser_exploits/
http://www.theregister.co.uk/2012/04/19/instagram_android_sms_trojan/
http://www.theregister.co.uk/2012/11/23/mystery_chrome_0_day/
http://www.theregister.co.uk/2012/09/26/samsung_remote_wipe_app_fix/
Each time you spam this same comment I can reply in turn, try having something original to say
So you're going to stop me spamming by spamming an even bigger message in reply? That'll definitely work!
Maybe you should have a little think about why I post this message all the time (surely in all your research you noticed that I wasn't the original poster of this comment....) but here's a clue for the hard of thinking, it's not because i think microsoft are the only company making software with security bugs (I post on ariticles about flash, linux, iOS etc....).
>>>So you're going to stop me spamming by spamming an even bigger message in reply? That'll definitely work!<<<
Yep, got your attention = worked
>>>Maybe you should have a little think about why I post this message all the time (surely in all your research you noticed that I wasn't the original poster of this comment....)<<<
I'm sorry, I can’t tell the difference between one AC and another, as for all my research, a Google search and pressing Crtl+C on the first couple of relevant links is not ‘research’
>>>but here's a clue for the hard of thinking, it's not because i think microsoft are the only company making software with security bugs<<<
I'm sorry, I can’t tell the difference between one AC and another
>>>(I post on ariticles about flash, linux, iOS etc....).<<<
I'm sorry, I can’t tell the difference between one AC and another
>>> Yep, got your attention = worked <<<
So "AC STOP SPAMMING" was just a red herring, you actually wanted to get my attention?
>> I'm sorry, I can’t tell the difference between one AC and another <<
So you think it's lots of identical posts from different AC users?
I'm sorry, I can't tell the difference between total nonsense and your posts.
But I'll surely think twice before posting that hilarious "stop using MS" comment you like so much!
>>>So "AC STOP SPAMMING" was just a red herring, you actually wanted to get my attention?<<<
*headdesk* it got your attention, and addressed the issue, and drew attention to the issue, therefor it worked, or rather, is working.
>>>So you think it's lots of identical posts from different AC users?<<<
No, I thought it was the same un-original and inaccurate spam post by the same un-original and inaccurate spam poster, you are the one who introduced the idea of it coming from a different inaccurate original poster.
>>>I'm sorry, I can't tell the difference between total nonsense and your posts.<<<
The difference is my posts are factually accurate.
Sorry, I may have misunderstood that, did you mean to say
“I'm sorry, I can't tell the difference between total nonsense and MY posts”
>>>>But I'll surely think twice before posting that hilarious "stop using MS" comment you like so much!<<<
Let me help you
hi•lar•i•ous (hɪˈlɛər i əs, -ˈlær-, haɪ-)
adj. 1. arousing great merriment; extremely funny.
I think the word you wanted was ‘pointless’.
But at least now I understand why you kept posting the same un-original and inaccurate crap, I thought you just didn’t care, turns out that un-original and inaccurate crap makes more sense and is more accurate than anything else you are able to type!
It's very fashionable to bash IE, but the truth is that all the major browsers have holes. Firefox has fixed 12 critical vulnerabilities (defined as "can be used to run attacker code and install software, requiring no user interaction beyond normal browsing") in the last two releases. So, if you're running Firefox 24 or earlier, your browser has at least 5 critical vulnerabilities in it (see https://www.mozilla.org/security/known-vulnerabilities/firefox.html).
I don't have figures for Chrome, but does anyone really believe that all those Chrome releases that seem to come out every other day are only for new features?
"However, simply rebooting compromised machines would appear to remove them from the botnet, so what this new type of attack gains in stealth, it loses in persistence. "
Perhaps this new type of attack is less aimed at personal machines but more likely to be corporate devices? Users on large networks probably leave their device switched on after logging off to allow remote program/patch updates to take place out of hours so RAM remains powered.
>Perhaps this new type of attack is less aimed at personal machines but more likely to be corporate devices? Users on large networks probably leave their device switched on after logging off to allow remote program/patch updates to take place out of hours so RAM remains powered.
Where do you work ? Makes absolutely no sense to me !
1. So you log off, workstation stays powered on with logon screen -> You waste quite a bit of electrickery but since the full monty is still powered needless to single-out RAM
2. Sleeping workstation, RAM is powered, but does not allow patch installation ... unless you have wakeOnLAN (see option 3)
3. You might as well switch the bugger off, as modern systems WakeOnLAN when "powered off" (obviously, eth0 will use tiny bit of electrickery as long as power cord is connected)
And, the buggers will hijack your homepage, they are not that dumb.
No. Just no.
There are reasons that Linux does not dominate the desktop. The "YOU SHOULD USE LINUX BECAUSE IT IS BETTER!!!1" argument is getting exceptionally tiring. The average person and their family do not care about Linux, or your opinion.
Besides, all software has vulnerabilities. The only difference is that Microsoft vulnerabilities are more publicised.
Indeed, you can't give Linux away. I offer my less financially able customers Linux on their new PC advising them it's £100 cheaper and will do all the Ebay etc. they want.
But no they still stump up the extra £100. In the five years I have been in business not one has asked for Linux. Even the ones that know about it. They just want Windows.
"If your stupid enough to run a xp machine with IE7 you need shooting, which Ubuntu or Linux mint will run well on with 512meg ram and far less targeted operating system"
Apologies for feeding the troll, but...
Nobody runs XP. Many people run apps that require some version of Windows. Your 'buntu or mint machines might as well be doorstops if you are trying to run the averagely-obscure Windows apps that make most people's world go round.
Millions of "stupid enough" people who know almost nothing about computers understand this point. Why don't you?
A substantial fraction of US Government computers, and probably also those in the UK and many other countries, run XP. Along with that, a very large fraction of those who haven't bought a new machine since Vista release, and a substantal fraction of those who could have purchased their machine with Vista but chose, rather sensibly, to accept the "downgrade" to XP. Those may total to a mere several hundred million PCs, but that hardly qualifies as "nobody".
I notice that on many of the HP systems now on offer, the descriptions prominently offer the option of a "downgrade" to Windows 7.
>But most of us need to run proper Office software that actually works
Exactly ! I mean, you could claim you want to run Exchange, the only "about average" piece of software that comes out of Redmond ... but Office ???? Where do you live ? Either you want to make decent stuff and have more money than sense you go for Indesign/Mac, or you go for Inkscape/<insertAnyOSHere>. If it is just daily stuff nobody special will see, you go with OpenOffice - note that you can turn OpenOffice stuff into crisp PDF's as well, Inkscape just makes a much better job.
Office ? in general is overblown bloatware !
Word => utter crap, Outlook => utterUtter crap, Excel =>crap, PowerPoint =>utterUtter crap
Excel cannot handle csv's properly, word cannot do text formatting correctly, PowerPoint does not support SVG, Outlook screws up multipart messages and uses a proprietary message format (who would endure that ?).
Basic features any software of its kind must excel at (pun intended).
Because these sites will probably be victims themselves, compromized using some vulnerability in an out-of-date CMS or one of its plugins. But notfications will have been send out to the hostng providers of these websites. And in all likelyhood the websites will have been taken offline, and a call to the website owner explaining they have been compromized and they have to clean their website, update their CMS, change passwords and whatnot before their website can be allowed online again *)
Besides, if you have google safebrowsing turned on, your browser will shield you from the known compromized websites.
*) Or at least, that is how it's supposed to work in theory.
Ordinary folks don't know how computers work. Most just use them and have no idea how to turn off/on even simple options (like renaming files or deleting unused shortcuts on the Desktop) so just assume it's been set up safely.
We reading this know the truth. But 90% of folks don't understand the issues or how to avoid them.
Now let that sink in.
Now try telling at least one relative/friend/passerby that they need to defrag a drive, update malware/virus definitions, use better Browsers or run regular 'chkdsk' maintenance.
They'll look at you as if you were a Witchdoctor from deepest Africa speaking a foreign language.
Computers need to be made much more simply.
"Now try telling at least one relative/friend/passerby that they need to defrag a drive, update malware/virus definitions, use better Browsers or run regular 'chkdsk' maintenance."
Lucky then that none of those have been required since Windows 7 (and 8) made them all automated background processes and included a more secure browsers than the major competition........
LMFAO since window 95 microsoft has scheduled a defrag of the system as default. Problem is the pathetically bloated os relies on NTFS which as such a neanderthal approach to file access it is criminal!
As long as Microshaft stick with NTFS Windows will always need a defrag whether scheduled or not. Problem is a scheduled defrag bogs down the system every time it is run and hilariously it is recommened not to use the system while it is running. Now Microsoft havent changed the kernel or NTFS in years so quite how you bloat such BS is beyond any sane human being
FAT based file systems save each file directly following each other. So if you later edit / add to this file, the added portion needs to be saved somewhere else. This will create a fragment (or more than one). A new file is saved starting from the 1st blank spot, even if that blank spot is too small to contain the entire file.
NTFS is a bit better in theory, it allows some free space around each file. Then if it notices that the file will become fragmented, it "attempts" to save the entire file in a new location. The caveat to this is "efficiency": if it would not take too much time to save the entire file over again it will be done, otherwise just create a new fragment. Just how it determines "too much time" is up for grabs ... and like most M$ ideas also a secret!
Ext3/4 also generates blank spaces "around" each file. Where it differs significantly from NTFS is that it'll only fragment when it's impossible to keep the file as one single fragment ... that (usually) only happens when the disk becomes too full.
You coward are a complete and utter fool and a lemming to the corporate empire. Most secure browser? Was that a report sponsored by Microsoft pray tell. Get a life and start thinking for yourself Lemming
Please tell why Microsofts kernel is so less secure then linux's kernel even after 20 years of constant patching?
Microsoft windows..2871630 patches ever and still crap
NT series of Windows have never had defragmentation scheduled at boot time.
NTFS has been regularly updated with each new release of Windows (NT series).
NTFS is not a FAT based system, it is a B+tree based system.
It will not noticeably fragment until it's similarly full as an ext3/4 filesystem.
I could go on, suffice to say that you need to keep up with Windows and Linux technologies, if you're going to slag one off for being out of date.
It is a reflexive verb, my program has a bug in it, your program has a flaw, their program is a car crash.
I think you mean "irregular verb", Minister.
We don't much use reflexive forms in English. In some other languages there are verbs that are only used that way; e.g. se coucher in French, which is a bit like having to say "I lie myself down" rather than "I lie down".
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
